Intensive data protection course
GDPR Data Privacy Professional

This course is designed for beginners and taught by CIPP/E, CIPM, CIPT, and FIP-certified trainers.

What are the benefits of this training?
We try to keep students informed

The intensive GDPR DPP course has stood the test of time and is still relevant to clients. We update the course with new information, news, and cases every month.

More than 2000 graduates

Our graduates of the course have become DPOs and work in the UK, Germany, Lithuania, Latvia, Estonia.

Experiance and knowledge

The author and trainer of the course Siarhei Varankevich, CIPP/E, CIPM, CIPT, MBA, FIP started his journey in the GDPR world in Germany.

Practice is the basis of our course

Students will receive Siarhei's method for learning. The course emphasizes practical knowledge. Students will work on 32 cases provided by clients and world-renowned corporations.

Our students are our partners for life

We invite all of our students to join our virtual network where they can communicate with other experts, find answers to their questions, recieive exclusive offers and grow!

Neither a legal nor technical background is necessary!

It doesn't matter if you're a beginner. It is Siarhei who can explain everything in simple terms and guide you through difficult situations

Although GDPR went into effect in 2018, there are still many questions and not many qualified specialists who can protect companies from fines and data breaches. You may have questions such as: 

  • How am I protecting the data?
  • Am I violating the Regulation?
  • What causes clients to request data deletion?
  • The Google Play Market or the App Store removed our app. Why?

This and other situations suggest that the GDPR needs to be taken into account. An error in data privacy can cost a company millions in fines and ruin its reputation. However, this is only applicable if the company doesn’t have a professional who can handle data and make the business user-friendly to clients. A GDPR Data Privacy Professional is your step-by-step compliance guide. The GDPR DPP is your ticket to a real, well-paying career. So what are you waiting for?

Upon completion of the course, you will be able to:
Discover how to succeed in the privacy sphere
Apply GDPR concepts to your workflow
Save your company millions of euros by avoiding fines
Take the first step in a new career - Data Privacy Profession
For what companies?

First of all, the following companies must comply with the GDPR:

  • Apps and cloud services
  • Pharma and medical companies
  • IT outsourcing companies
  • E-commerce
  • Social networks
  • Banks

Following the course, you will be able to answer the following questions:

  1. Privacy – what is it?
  2. What is personal data under the GDPR?
  3. How long can personal data be stored and what legal basis is needed for its collection?
  4. What is the role of the Data Protection Officer?
  5. What is the process of risk assessment (DPIA)?
  6. How should your privacy policy be written?
Course in numbers
Case studies
MB of additional materials
  • Concepts of privacy, data privacy, data protection. Types of privacy.
  • Review of existing data privacy laws, standards and regulations
  • Сases, court precedents, guidelines in information privacy
  • The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data №108
  • Directive 96/46
  • Overview of present regulatory framework of data protection in EU (GDPR+)
  • History of EU General Data Protection Regulation (GDPR)
  • Territorial and material scope of GDPR
  • Structure of GDPR text (recitals, business related articles etc)
  • Overview GDPR related acts
  • National data privacy legislation
  • Legal precedents
  • Guidelines and opinions of Article 29 Working Group (Art29WP) / European Data Protection Board (EDPB)
  • Guidelines of national supervisory authorities (SAs)
  • Overview of risks, fines, responsibilities related to personal data processing
  • Mapping of the Belarusian, Ukrainian and Russian data protection laws to the rules applicable in EU.
  • The concepts of personal data (PD), identifier, data subject
  • Formula of Persomal Data “(id-x)+info”
  • Cases of (non-)personal data
  • Biometric data
  • Data processing and types of processing.
  • Transparency of processing
  • Purpose limitation
  • Data minimisation
  • Storage limitation
  • Accuracy
  • Integrity and confidentiality
  • Accountability
  • Consent
  • Conditions for consent
  • Getting consent in UX
  • Contract
  • Legal obligation
  • Vital interest
  • Public interest
  • Legitimate interest
  • Balancing test of Legitimate Interest Assessment (LIA)
  • Modalities for exercise of the rights of the data subject
  • Right to information about processing
  • Right to access personal data
  • Right to rectification
  • Right to restriction of processing
  • Right to be forgotten
  • Right to data portability
  • Right to object
  • Right to not be subject of automated decision-making
  • Data subject’ rights restriction
  • Case “Nightmare letter from data subject”
  • Check-box approach vs risk based approach
  • Concept of risk
  • Risk likelihood and severity
  • GDPR terminology related to risks (high risk, likely etc)
  • Data Protection Impact Assessment (DPIA) requirement under GDPR
  • When DPIA is mandatory
  • BIA (Business Impact Assessment) or SIA (Security Impact Assessment) as triggers for DPIA
  • General approach to conduct DPIA
  • Describing processing operations, personal data and supporting assets
  • Legal and risk-treatment controls
  • Risk sources, feared events, threats and risks
  • Tools for Data Protection Impact Assessment
  • GDPR requirements to information security
  • Data breach notification of supervisory authorities and data subjects
  • Technical and organisational measures of managing information security risks
  • Overview of GDPR rules on cross-border data flow
  • Documenting international transfers of personal data
  • Data Processing Agreement
  • Binding Corporate Rules
  • Standard Contractual Clauses
  • Codes of conduct and certifications
  • Derogations relating to cross-border data transfers for specific situations
  • The 7 foundational principles of privacy by design by Ann Cavoukian
  • Privacy by Default
  • Privacy embedded into design
  • Full functionality – positive-sum
  • End-to-End Security – Lifecycle Protection
  • Representative in EU
  • Data Protection Officer / DPO


Training is an organizational measure, and is a duty reflected in the General Data Protection Regulation, Articles 24, 25, 28, 32, and 39. Our recognizable certificate confirmyour knowledge and ability to work as DPO specialist. We also attach the course program to certificate. 

Online format

The training is organized using Zoom. You can see the trainer’s screen and ask him questions using a mic or a webcam in real-time.

We will share an invitation link with you through a group chat on WhatsApp.

Technical requirements:

  • mic and headphones;
  • Internet connection for high-quality video call;
  • Zoom app.

Our recommendation is to dedicate these days exclusively to training for maximum benefit.

Sign up